RESTful APIs in the Real World Course 1

What you'll be learning

Making RESTful APIs is hard, really hard. There are a lot of concepts
to know - resources, representations, HTTP methods, status codes, etc.

And putting this all to life in a sane way in PHP is no small task. In
this course, we'll learn all the most fundamental concepts around REST
and learn about the "rules" and the advantages and disadvantages of each.
And we'll of course build a real API to show it all off. Topics include:

HTTP basics

Resources and Representations

Resource state, client state

GET, POST, PUT, PATCH, DELETE

Idemptotency and safe methods

Proper Status Codes, Location header and Content-Type

Testing your API

RFCs and where the "rules" come from

Advanced error and validation handling

If you want to know about Hypermedia, HATEOAS,
Content-Type negotiation, pagination and more, these are not covered
here, but are covered in Episode 2.

This tutorial uses Silex and we avoid talking
about it as much as possible and instead focus on the core concepts of REST. Once
you understand these, you can watch our Symfony REST
series to learn how to leverage Symfony for your API.

Questions? Conversation?

Dang, that's our bad, that epidose doesn't exit yet and I can't tell if it will exist any time soon. Sorry about it

2018-10-11daimmo

Hi I see a link to Episode 3 but redirects to home page.

Quote:

If you want to know about Hypermedia, HATEOAS, Documenting your API,Content-Type negotiation, pagination and more, these are not coveredhere, but will be covered in Episode 2 and Episode 3.

2018-05-13Matt Johnson

Thanks for the course!

2016-10-01Michal

I came here after few month with little bit more experience and running composer update was the first thing that came to my mind. It wouldn't do anything since you have the tilde sign everywhere because of compatibility but it is good to know that I was on the right path. :) I updated the doctrine and it seems to be working now. It is probably time to finish this tutorial. Thanks a lot for your help.

2016-07-05Mihail

Oh, thanks again, I just didn't know that it was possible to update only chosen dependencies with composer.

2016-07-05weaverryan

Cool! Glad it's working!

I think you had the right idea - just maybe not in the right order. I think you needed to:

A) Update dbal in composer.jsonB) Run `composer update doctrine/dbal` so that it *only* updates that library (and not everything else, including Symfony).

Cheers!

2016-07-05Mihail

Thanks Ryan,

Indeed, when running composer update - symfony3 security dependencies are being fetched. However on composer install, updating dbal just in composer.json doesn't help. I decided to add the same changes of source reference from composer.lock as in your repository and after composer install now it works! :)

2016-07-04weaverryan

Hi Mihail!

Hmm, this is interesting. I can see what's happening: I think when you upgraded Doctrine, you also upgraded Symfony - it appears that it's in some weird state where part of your code is on Symfony 3, and part of your code is on Symfony 2 still. The SecurityContextInterface is a Symfony *2* thing, while the AuthorizationChecker is a Symfony 3 thing. If you didn't intend to also upgrade Symfony, I would roll back. But if it's ok - try forcefully clearing your cache:

rm -rf app/cache/*

(or var/cache/* depending on where your cache dir lives).

Let me know if that helps! Cheers!

2016-07-01Mihail

Hi Ryan,

After the update to 2.5.4 tests start passing as expected, but when I tried to access the app on the login page another error appeared: Fatal error: Uncaught TypeError: Argument 1 passed to Symfony\Bridge\Twig\Extension\SecurityExtension::__construct() must implement interface Symfony\Component\Security\Core\SecurityContextInterface, instance of Symfony\Component\Security\Core\Authorization\AuthorizationChecker given

Could you advise on what should be done to resolve this issue?

2016-05-23Sergio Costa

Thank you very much! You Guys Rock!

2016-05-22weaverryan

Hi Sergio!

The answer to this depends on several things, including the size of the files. In the simplest model, you can just send your data in the body of the request and read out the request content and save that to a file. In other words, treat your "upload" just the same as when your client sends JSON to your API. You an also use the multipart/form-data method and get more complex from there. Google Drive's API docs are actually very nice at explaining what they allow :) https://developers.google.c...

Cheers!

2016-05-19Sergio Costa

Folks, is there any example tha show how to send Files over REST API ?

2016-04-05Achilles Kaloeridis

Everything seems to be working now, thanks :)

2016-04-05weaverryan

Ah, thanks! Now I *know* we have a problem :) - and weird one! It looks like there's a old bug in Doctrine itself on HHVM and PHP 7: https://github.com/doctrine.... This was fixed in doctrine/dbal version 2.5.4 (the tutorial ships with version 2.4.4).

I've just updated the code download to use 2.5.4. If using the new code - or upgrading your project - makes it better, let me know!

Thanks!

2016-04-05Achilles Kaloeridis

I get the same error on login. I followed the installation process. I am using PHP7 too. On registration I get:

An exception occurred while executing 'SELECT u.* FROM user u WHERE ()': SQLSTATE[HY000]: General error: 1 near ")": syntax error

And:

PDOException in Connection.php line 691:SQLSTATE[HY000]: General error: 1 near ")": syntax error.

2016-03-18weaverryan

Hmm, that's enough to tell me what query is failing - the one that tries to load the username you just entered from the user table. But I can't repeat this locally (I downloaded the code from one of the tutorial pages, unzipped it, moved into the "start" directory and followed the README). And I can't seem to see anywhere in the code that *might* be causing this. What error do you get when you try registration?

Btw, you might also be interested in the Symfony REST tutorial: http://knpuniversity.com/sc.... We cover theory a little bit less (we cover things in more depth in this tutorial), but that tutorial uses the Symfony full stack framework.

Cheers!

2016-03-17Michal Jarnot

I tried to find the query but I am symfony beginner so I was not really successful. The error itself shows when I enter login page. It is displayed above login form. Additionally I cannot register new user.

2016-03-17weaverryan

Ah, hmm - when exactly do you get this error? It's definitely weird/wrong that the WHERE is empty - if we know *where* this error happens (i.e. which query gives us this error) - we might be able to track it down.

Cheers!

2016-03-16Michal Jarnot

But the thing is it still does not work. :D

2016-03-16weaverryan

Hi Michal!

Thanks for posting - that is SUCH a weird error for that problem - hopefully this will help anyone else who hits that.

I use windows 10. php 7. I had to create "data" folder manually. Sqlite file was then created automatically.

2015-07-14weaverryan

Hey again!

I saw your other comment about the database error - obviously this is related :). The project uses sqlite and creates a data/code_battles.sqlite file. It does this automatically when you hit any page: if it doesn't see that file there, it initializes the database and creates it. You don't need to have any database credentials, you just need to make sure the data directory is writeable (you'll get an error if it isn't).

Let me know if this helps!

2015-07-14Emberous

Hello, i am following your tutorial, but i can't find database data and also can't find db configuration file.

2015-04-23weaverryan

Hey Nick!

Ok first - watch our OAuth tutorial: http://knpuniversity.com/sc.... I'm saying this because I was once as confused as you were, and now things make a lot more sense.

Next, if you want to allow people to be able to "login with Twitter" to your app, then you'll be acting as an OAuth client and interacting with those 3rd parties. In this scenario, your app would get a "Facebook access token", which you'll use to fetch some user data and then log them in. But this has nothing to do with how you'll setup auth for YOUR API. For example, once the user is logged in to your site - say, on your iPhone app - (via normal form login or Facebook - doesn't matter), they will somehow need to get an access token to YOUR site and send that along with the requests. So yes, you could be an "OAuth" client just to allow "Facebook login" and then have your own "token authentication" system where users simply login to your site (via whatever mechanism) and then create tokens.

You would only need an OAuth server (like FOSOAuthServerBundle) if, for your API, you were using access tokens and wanted your users to obtain those through the OAuth flow (instead of logging in, generating them, then inputting those manually into your iPhone app).

I hope that makes MORE sense - definitely back up and get deep in the purpose of OAuth, and it'll help clarify things.

Cheers!

2015-04-23Nick

So is it possible to use Oath without use any external service like Google or Facebook but my token system but following oauth rules?

For example I could use HWIOAuthBundle but this have tons of 3rd party providers. Tha means practically that someone cannot access my app without first has an account with at least one of these providers. Is that good? I could prefer a hybrid system where user can register via twitter or Facebook or Google or whatever provider OR via ordinary register. Then after persist in db he can login and create tokens in my app without use any 3rd party provider. I think that's the best for my case. I am a bit puzzled about token and oauth... They seem similar but i think oauth has some diffs and more strict pattern I should follow. Do I need FOSOAuthServerBundle to achieve oauth without the use of 3rd party provider?

Thanks so much for the help!

2015-04-23weaverryan

Hi Nick!

Oh boy, I feel your pain :). The correct answer is: it depends. I'm kidding (sort of), I can at least give you some personal recommendations. Let's do it in bullets:

1) If it were only a browser app, I'd just use normal sessions (since AJAX includes the session cookies). But since you need other things, probably not.

2) OAuth is probably a good way to go. But first, realize that OAuth is really a pattern that helps your API clients to *retrieve* an access token. What i mean is, you can totally create a token authentication system without OAuth. For example, have a Token entity table, allow your users to login and generate a token, then set things up to look up the token in your database table on auth. That's what we do in REST ep2: https://knpuniversity.com/s.... OAuth has the advantage that it defines the whole flow of how a user gets redirected to your site, and the app eventually gets the token. There are also libraries to help manage an OAuth "server".

4) HTTP Basic may also be enough (as long as your on https). I *think* (and I'm not an expert here) that the risk with an app is that since you're typing your username/password into the app, the user isn't guaranteed that your app isn't storing that somewhere (i.e. stealing it) before sending it across https to the site.

5) (Sorry, getting long). If you *do* use a token-based system (OAuth or not), you could ALSO allow traditional form login with a session, and take advantage of this with OAuth. You'd then have the user login like normal, and then all the AJAX requests would be Auth'ed just because they contain the session cookie (i.e. you wouldn't need to worry about obtaining/sending a token from Angular).

Phew! I hope that at least helps a little bit!

2015-04-22Nick

Hello,

If you create a simple application with Symfony2 in backend as a rest api and angularjs in frontend, which is the best Authorization pattern to use for your rest api?

My goal is to create a rest api and have Angular for browser users and apps for android and ios which all of them will hit the symfony2 rest api backend. But what authorization to use? I am a bit complicated... Can I use oauth2 without use a third party site like Facebook or Google? Is HTTP basic secure enough? Is token the best practice for my needs or WSSE?

I am completely puzzled :D

Thanks a lot.

2015-02-27weaverryan

Great, cheers! What an odd way for PHP 5.3 to cause a failure. But I'm super glad you figured it out :).

2015-02-26Jonz

Hello Again, Looks like that worked. Looks like the minimal requirement for php is 5.4.x. Thanks again... can't wait until episode 3...

2015-02-25weaverryan

Hey again!

Hmm, yes I just followed the directions on that chapter, but I've got the same result (site shows up ok, I'm able to login, etc). So, even though I can't imagine why, it's *possible* it's your version of PHP, so upgrading that would be my next try.

Sorry you're having issues!

2015-02-25Jonz

Just to make sure I didn't make a newbie mistake. I re-downloaded the code a few more times and unfortunately the same result. I followed the same instructions as per the "Project Routing" segment. The difference I just realize is that I am not using the latest version of php. Looks like my version of PHP is 5.3.29. Do you think that would be the problem?

2015-02-25weaverryan

Hi Jonz!

Thanks for the nice words :). Unfortunately, I can't repeat your error with a fresh code download, and I also can't think of how this would be happening. I don't think it's Windows-related, but I can't quite explain it. That missing service is setup inside the Application class right here when the app boots: https://github.com/knpunive...

Did you download the code from the site? Are you using the "start" or "finish" directory. We'll see if we can get it working :).

Cheers!

2015-02-25Jonz

Good work with the tutorial this is one of the better ones out there and there are many I have seen. But, when I tried to launch the sample code for this tutorial I get the following:

I tried to look around for some solutions on the web and on this discussion forum but was not able to get one. I am using a window machine with the latest versions of php/apache. Thanks in advance for the help.

2015-02-02weaverryan

Hi Joan!

No worries about the spam! And it looks like you're absolutely right! If you set the WWW-Authenticate header, then even though you're making the request with AJAX, it causes the popup. And you're also right that the fix is to override the BasicAuthenticationEntryPoint class, which is rather unfortunate (only because I always like when things are easy!).

Let me know if you need any help with the issue beyond what you've discovered already.

Cheers!

2015-02-02Joan

sorry for the spam, this is the question and my own answer on how I solved it:

Hey Ryan,I am making an API call using jquery $.ajax and it works. The API call in question is the one to retrieve a user's token given Basic Auth credentials. However, when the credentials introduced are (purposely) wrong the API returns a 401 Unauthorized causing a Network Error to appear in the browser console, and additionally, the browser will show the default Authorization Required form for the user to retry. I don't want this behaviour and at this point I am not sure of if this is the frontend's fault or the API's fault. I think the issue is that the API responds with this header: WWW-AuthenticateBasic realm="Secured" . If this is correct on the API side, then I'll need to find a way to prevent the default behaviour in the frontend but at this point I am not sure. If you got anything to say in this regard, I'd be glad to hear about it :p Thanks

2015-01-15ricky spires

SOLVED...

For some reason my virtual box conflicting. I destroyed my Vagrant and now it works :)

2015-01-15ricky spires

I think it's in the code. If I comment it out and do echo"testing"; it returns testing

In episode 2, we talk about embedded resources, but that chapter is *not* quite out yet (it will be out today or tomorrow, but the rough draft is up now: http://knpuniversity.com/sc.... But short story is yes: you can absolutely choose to embed one resource into another one. How do you decide if you want to do this? It's totally subjective - if it's convenient for you, do it. And though it violates the norms of REST, I have seen people allow the client to control this with a query parameter (e.g. ?_embed=battle).

About the update, I can't think of much information about this, but yes, you can do this, and I think you could even certainly make a case for it being RESTful. For example, if you're updating a programmer, but also sending data for the programmer, then you could argue that philosophically, all of that is just one big programmer+battle resource that's being updated :).

So if you *need* to, do it. But I would probably make the API also be ok if the Battle data weren't included in the Programmer update, since that's a bit more of a "normal" situation. Oh, and one more thing that someone smarter than me said on this topic once: The job of the server is to do its best to understand the representation and update the resource. For me, this means that your server should not police the client and say "no, you cannot send battle fields in this request, it's no proper, get out!". It should instead try to be flexible and do its best to update the resource based on the data. Just don't go crazy breaking the rules - you might be better off sending 2 update requests (you could likely send them in parallel anyways).

Cheers!

2014-12-18Jake

Suppose I have a page which shows the programmer and the list of battles he had. So basically there's two resources: Programmer and Battle that is utilized by this page.

Is it possible to have your programmer endpoint in such a way that it includes the battles as part of the response?

Furthermore, sometimes when you update a resource, you also need to update linked resources together with it.. Does it make sense to do this in one request?

2014-12-05Edison

SILEX Of Course, I forgot !! Now it solved my "issue" 100% :)Oh my God, I Was thinking all the time in symfony (What a Shame..) Thank you Ryan!!

2014-12-05weaverryan

Hey Edison!

Bambi question, I like that :). The app/console server:run is strictly a Symfony-thing, which we don't have here since this app is in Silex (similar, but not the same). But that's ok, the server:run is just a short-cut for:

cd web

php -S localhost:8000

Check out this section here: http://knpuniversity.com/sc.... It sounds like it *was* running, so you might have already done this successfully before. And I think this answers your other questions too - this is Silex, not Symfony - so the directory structure is something I created - it's Symfony-esque, but simpler.

Does that help?

Cheers!

2014-12-05Edison

Hello Ryan and KNPU Guys!

I have a Bambi question for you:

I installed the project and I was playing and having fun for a while, suddenly I tried to refresh the page and the application gone!!

I tried to use app/console server:run and guess what??? Command not found.

Why the app directory only has bootstrap.php file inside? Where are other files and folders? What's the problem?

Thanks =)

2014-11-26Roukmoute

No, FOSRestBundle is a Bundle not an independent library.I must create an API which will run in Sf 1.4 and Sf 2.I inquire for this case.

I "just" have to create an library and create a plugin for Sf 1.4 and a Bundle for Sf 2 who re-use correctly the library.

I think that this could be the subject of a good tutorial.Propose the creation of a library that would be reusable by subsequently using the principle of adapter.

I am disappointed because I didn't start with an already existing project.I would like to know how to create a library that would be reusable on several projects.I want to create an API library which could be implement in a Symfony 2 project, as in another framework.

What is the best way to do so?

2014-10-02weaverryan

Oh no! Sorry about that - I hope we'll start to release episode 2 over the next few weeks. I know that's no help to you right now, but I'll do my best!

2014-09-26Heikki

Any news on episode 2? Any estimated date? Struggling with authentication and pagination!

2014-09-19Miriam Tocino

Hi Ryan! thanks for the quick reply :-) I will look definitely into it. And yeap, I do use Symfony for it! Cheers!

2014-09-19weaverryan

Hi Miriam!

Hmm, I haven't gotten this far in the next tutorial, but we *do* have CORS on the menu for it, which indeed could be very helpful in your case. Instead of waiting for us, my advice would be to go ahead and check into this. If you happen to use Symfony, there is a bundle that helps with this: https://github.com/nelmio/N.... And if not, the bundle may still be instructive.

Cheers!

2014-09-19Miriam Tocino

Hey Ryan!

Just finished this episode, learned a lot about the idea behind REST, HTTP methods and status codes! :-)

However I still have some open questions. I am now working on a web service which should accept PUT requests from other domains (in this case sent from an iOS app). Up until now we are building the request using an AJAX call and JSONP, which turns out not to be true REST and has well-known security issues (so I am not happy at all with it).

I was just wondering if there is something related to this topic coming in episode 2 of these series, maybe related with Cross Domain Headers and so on... That would be very helpful!

I look forward to it and keep up the nice work!

2014-09-06Sergio

Hello Ryan! Really thanks for your good work, looking forward for the Symfony2 version also...

2014-08-22Joan

damn, you are right, should pay more attention, thanks!

about the windows note, same goes for behat "vendor\bin\behat" :)

2014-08-22weaverryan

Hey Joan!

Hmm, actually, the problem might be simple! In your code, you're using json_enode - it should be json_decode. Let me know if that helps!

About Windows, I'll double check and make sure we have a note about the Windows command. I thought I had a note, but it's very possible I left it out!

Thanks!

2014-08-22Joan

In the chapter "Testing your API with PHPUnit" I need to comment line 30 to get the tests passed. ($data = json_encode($response->getBody(true), true);)

Otherwise I get the following error:

1) KnpU\CodeBattle\Tests\ProgrammerControllerTest::testPOSTPHPUnit_Framework_Exception: Argument #2 of PHPUnit_Framework_Assert::assertArrayHasKey() must be a array or ArrayAccess

Yea, that's quite controversial - even William and I disagree on this :). William (who I admit is more knowledgeable than I am) recommends using a single controller for both the HTML and JSON (or XML) representations. The potential problem with this approach might be if your web interface doesn't really look like your API. For example, you might have a /products API endpoint. But perhaps there's really no "products list" web interface page - perhaps instead there is /dashboard only, which shows products and users you're connected to (just imagining some example).

I would say, if you're comfortable with the idea of using one controller to return different representations, try that. But realize, that you may have some controllers that will only return JSON or will only return HTML, because there is only a JSON version of /products and an HTML version of /dashboard. And I think that's ok :). If you're overwhelmed by all of this, then don't feel bad using different controllers (but do your best to use services to avoid duplication).

Great question!

2014-08-11Jasper

Hi, I'm excited for the second part of the RESTful API tutorial.

If possible I want to know which is the more efficient or preferred way of implementing the api and web interface.. separate controllers or only one but be able to handle different representations?

2014-08-01weaverryan

Not *too* soon unfortunately - probably a couple of months, but could be sooner. If you're on the mailing list, we'll bother you when it happens :).

2014-07-31MeDevPHP Dev

Ahh ok, how soon.. :) ? Looking forward to it.

2014-07-30weaverryan

No worries - I want to do that in the future! Using Silex gets us much *closer* to learning about API's and REST (without the framework getting in the way). So later, when we *do* have a tutorial about API's in Symfony, we can just get our job done quickly, since we'll have laid all the ground-work in these tutorials :).

Cheers!

2014-07-29MeDevPHP Dev

arrrgghh! I quit at the mention of Silex, why not straight SF2 ( or will NelmioBundle or something).... :(

2014-06-16weaverryan

Thanks so much! I've also read about half of Phil's book (just been short on time) and very much enjoyed it as well.

We'll keep pushing forward with the 2nd episode - I'm excited too!

Cheers!

2014-06-16Guest

Just finished it up - really can't wait for the next course. Great job everyone! :)

If anyone wants more reading on this, Phil Sturgeon's "Build APIs You Won't Hate" (available via Leanpub) is a great resource to learn more. It covers topics that will be in the second course, but it's available now.

I'll be back to watch the second course when it comes out :D

2014-06-14weaverryan

You're right! I've just updated the code download - it *does* contain a few more things than the original beta code download.

Thanks for pointing that out!

2014-06-14Di-SiDE

Hi Ryan,the source code is missing the ApiFeatureContext::thePropertyShouldContain method (that was not defined in the previous beta code).

2014-06-13weaverryan

Hey Aliaksandr Harbunou!

Obviously, it depends on what you need, but I'm a fan of using a token system: it's simple to implement and very understandable by your clients. That's what we're using in episode 2, modeled roughly off of GitHub. If you're curious, you can see the low-level setup here: https://github.com/knpunive....

Hope that helps!

2014-06-12Aliaksandr Harbunou

Where part with authorization via REST? I already did REST before this tutorial has been published, however authorization part still didn't chosen. WSSE, Token or your ideas?

2014-05-29weaverryan

Hey Davor!

It means that part of the tutorial is available, but part of it still needs to be released. Right now, if you look at the table of contents on the left, you'll see the last few chapters are grey - we're still working on those and will release them soon. So, you can start going through the tutorial now, and if you own it, we'll email you when the rest of the chapters come out.

Yes, that's not an easy problem to solve! We'll definitely cover that, using an approach that you'll recognize from FOSRestController. There are still a lot of tough details to cover in episode 2!

Really happy you've enjoyed it!

2014-04-30Pablo María Martelletti

Excellent so far! I've purchased and already seen it all, so great job! Waiting to see the rest of it. It would be great if you cover how to handle different formats for same url endpoints, just like FOSRestController do, and not to have the code duplicate in API Controllers and so on.

Cheers!

2014-04-30Heiko Krebs

Thanks!

2014-04-30weaverryan

Hey Chris!

We just released the first chapters this morning and a full chapter list. Hope you enjoy it!

Cheers!

2014-04-29Chris

Hey Ryan - any chance of an update on the timings on this one? keen to see it.

2014-04-28weaverryan

Most of the chapters are recorded and edited, so it should be very soon now! We're passed due on getting this out and we know it - so we're working our butts off this week on it to not delay further :).

Cheers!

2014-04-23Thomas

Any news?

2014-03-24Jlsefksfesse

Ok, thanks for letting me know, and for working on the tutorials. I'm looking very much forward to seeing them released!

2014-03-24weaverryan

Hey Tor!

A few chapters should come out next week (good REST background, building up the basic endpoints, testing them, etc) with more of the meat coming a few weeks later. We'll email you with updates when the first chapters come out.

Cheers!

2014-03-22Jlsefksfesse

What's the current estimate for when this will be out?

2014-03-15Jlsefksfesse

Thanks for making these. I'm looking forward to this one a lot! I'll need it for two projects, and the sooner it's available the better ;)

2014-03-12weaverryan

Hey! No hard ETA yet - but we're aiming to start releasing chapters in the next couple of weeks (I'm working on stuff right now).

Cheers!

2014-03-12Guest

Any ETA? :) Too late for me to take advantage (I think i have a pretty good grasp now anyway) but I am looking forward to these anyway.

2014-03-04weaverryan

We didn't hit Feb, but I just updated the release date information (above in the summary) - I'm working hard on this - we'll post things as soon as we can :) Cheers!

2014-03-04weaverryan

FYI - I've just updated the release date information, so not by Feb obviously, but soon! Thanks!

2014-02-01weaverryan

I think that's an important topic. We should cover how a client might look quite a bit just by playing with the API we build and writing some tests. I don't have the details yet, but I'll keep your suggestion here in mind - it's good :).

Thanks!

2014-01-31Evert

Should there also be a topic related to a client that can consume the api in the right way?

2014-01-22Lukas Lukac

Hmmm i think it should be everything with Sf2 for Sf2 devs! :D Almost exactly one year before i started with Sf2 and i was like :O and it was the KNP course that had introduced me for the first time the world of frameworks and the beauty of this framework. Now i desperately crave for some great Sf2 REST course that will learn me a lot and will show practical tricks :) So once again, can't wait! Very excited :)

2014-01-22weaverryan

This will be a Feb release! Sorry it can't be sooner - but if you click "Notify Me" - we'll ping you as soon as the first chapters are published.

Cheers!

2014-01-22weaverryan

Almost definitely :). Though I haven't decided if we should do something more generic first to introduce the concepts directly (like in Silex) and *then* something in Symfony2 using our extra tools. I'd love to have something useful for Sf2 and non-Sf2 devs.

2014-01-22Lukas Lukac

Hi, sounds very intresting! Can't wait! Will be this REST API course connected with SF2 ?

2014-01-21weaverryan

Definitely will be covering Hypermedia, that's where things get interesting :). I'll have at least some details in there on authentication as well - I understand very well why you're asking!

Thanks for the extra details!

2014-01-20Guest

I am also extremely curious when this is going to be done. I could use this information ASAP :)

2014-01-18Wojtek

I'd like to see HTTP basic, HTTP digest and OAuth2.Also are you planning to show how to implement HATEOAS (Hypermedia)?

2014-01-18weaverryan

Hey Wojtek!

I'm not sure yet. We have an OAuth tutorial coming out very shortly (http://knpuniversity.com/sc..., which might address some of this. Which parts of authorization with a REST API would be helpful to you?